Text Exploits

31,383 exploits tracked across all sources.

CVE-2024-58309 EXPLOITDB CRITICAL text
xbtitFM 4.1.18 - Unauthenticated SQL Injection via msgid Parameter
xbtitFM 4.1.18 contains an unauthenticated SQL injection vulnerability in the msgid parameter of /shoutedit.php. The parameter is placed into a database query without sanitisation, so a remote attacker can send crafted requests that inject SQL and, using error-based techniques such as EXTRACTVALUE(), extract database names, user credentials and password hashes from the underlying database.
by h5kj23kj32io2kj
CVSS 9.8
CVE-2024-58308 EXPLOITDB CRITICAL text
Quick.CMS 6.7 - Unauthenticated SQL Injection via Login Form
Quick.CMS 6.7 contains a SQL injection vulnerability in its login form that allows unauthenticated attackers to bypass authentication. Submitting a payload such as ' or '1'='1 in the login fields alters the credential check and grants administrative access to the system.
by H4X.Forensics
CVSS 9.8
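The two entries above (xbtitFM's numeric msgid parameter and the Quick.CMS login form) are the two common shapes of the same bug: a string-context injection that breaks out of a quoted literal, and a numeric-context injection that needs no quote at all. The added example below is not code from either product; it uses a constructed SQLite schema (table and column names are assumptions) to show each vulnerable query beside the parameterised fix, and why the same input is harmless once it is bound as a value. SQLite has no EXTRACTVALUE(), so the MySQL error-based extraction step is described in a comment rather than run.

```python
import sqlite3

# Constructed sample schema, not taken from any product listed on this page.
SCHEMA = """
CREATE TABLE users  (id INTEGER PRIMARY KEY, username TEXT, password_hash TEXT, is_admin INTEGER);
CREATE TABLE shouts (id INTEGER PRIMARY KEY, user_id INTEGER, body TEXT);
INSERT INTO users  VALUES (1, 'admin', 'sha256$deadbeef', 1);
INSERT INTO users  VALUES (2, 'alice', 'sha256$cafebabe', 0);
INSERT INTO shouts VALUES (1, 2, 'hello');
INSERT INTO shouts VALUES (2, 1, 'maintenance tonight');
INSERT INTO shouts VALUES (3, 2, 'thanks');
"""


def fresh_db():
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    return conn


# --- string context: the login-form pattern ---------------------------------

def login_vulnerable(conn, username, password_hash):
    # Query text built by concatenation: a quote in the input closes the
    # literal and everything after it is parsed as SQL. With ' OR '1'='1 in
    # both fields the WHERE clause is true for every row and the first row
    # (the admin account) comes back.
    sql = ("SELECT id, is_admin FROM users WHERE username = '" + username
           + "' AND password_hash = '" + password_hash + "'")
    return conn.execute(sql).fetchone()


def login_fixed(conn, username, password_hash):
    # Bound parameters: values travel separately from the statement text, so
    # the same input is compared as a literal string and matches nothing.
    sql = "SELECT id, is_admin FROM users WHERE username = ? AND password_hash = ?"
    return conn.execute(sql, (username, password_hash)).fetchone()


# --- numeric context: the msgid pattern --------------------------------------

def shout_vulnerable(conn, msgid):
    # No quotes around the value, so the payload needs none either: "1 OR 1=1"
    # widens the WHERE clause to every row. On MySQL the same hole is usually
    # confirmed error-based, e.g. "1 AND EXTRACTVALUE(1, CONCAT(0x7e, (SELECT ...)))",
    # which leaks the subquery result inside the XPath error message; SQLite
    # has no EXTRACTVALUE, so only the row-widening form is run here.
    sql = "SELECT id, body FROM shouts WHERE id = " + msgid
    return conn.execute(sql).fetchall()


def shout_fixed(conn, msgid):
    # Reject anything that is not an unsigned integer before it reaches the
    # query, and bind the value anyway so the query text is constant.
    if not msgid.isdigit():
        raise ValueError("msgid must be a positive integer")
    return conn.execute("SELECT id, body FROM shouts WHERE id = ?",
                        (int(msgid),)).fetchall()


def demo():
    conn = fresh_db()
    bypass = "' OR '1'='1"
    results = {
        "login_vulnerable": login_vulnerable(conn, bypass, bypass),
        "login_fixed": login_fixed(conn, bypass, bypass),
        "shout_vulnerable": shout_vulnerable(conn, "1 OR 1=1"),
    }
    try:
        shout_fixed(conn, "1 OR 1=1")
        results["shout_fixed"] = "accepted"
    except ValueError:
        results["shout_fixed"] = "rejected"
    return results


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The point of the numeric case is that input validation alone is not the fix: shout_fixed both validates and binds, because a later change that accepts non-numeric identifiers would otherwise reopen the hole.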
EIP-2026-113510 EXPLOITDB text
WordPress File Upload Plugin < 4.23.3 - Stored XSS
by Faiyaz Ahmad
EIP-2026-112832 EXPLOITDB text
TYPO3 11.5.24 - Path Traversal (Authenticated)
by Saeed reza Zamanian
EIP-2026-105374 EXPLOITDB text
Backdrop CMS 1.23.0 - Stored XSS
by Sinem Şahin
EIP-2026-101466 EXPLOITDB text
TELSAT marKoni FM Transmitter 1.9.5 - Insecure Access Control Change Password
by LiquidWorm
EIP-2026-101465 EXPLOITDB text
TELSAT marKoni FM Transmitter 1.9.5 - Backdoor Account Information Disclosure
by LiquidWorm
CVE-2022-45899 EXPLOITDB MEDIUM text
Nokia BMC <13.1 - Command Injection
Nokia Broadcast Message Center (BMC) before 13.1 allows an unauthenticated remote attacker to perform OS command injection as root via shell metacharacters in the Log Scanner Search Pattern field.
by Carlos Andres Gonzalez, Matthew Gregory
CVSS 6.5
CVE-2024-58310 EXPLOITDB HIGH text
APC Network Management Card 4 - Path Traversal
APC Network Management Card 4 contains a path traversal vulnerability that lets unauthenticated attackers read sensitive system files, such as /etc/passwd, by supplying URL-encoded traversal sequences in HTTP request parameters that the card resolves against the filesystem without confining them to the intended directory.
by Víctor García
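The APC entry above turns on two details a traversal check has to get right: the traversal sequence arrives URL-encoded (possibly more than once), and an absolute path must not be allowed to replace the web root. The added example below is not the card's code or the exploit; it is a constructed resolver (the root directory and request strings are assumptions) that shows the naive decode-and-join beside a containment check, without touching the real filesystem.

```python
import posixpath
from urllib.parse import unquote

# Constructed web root for the example; nothing below touches the real filesystem.
WEB_ROOT = "/var/www/html"


def resolve_vulnerable(root, requested):
    # Decodes once and joins. Two things go wrong: "../" segments are honoured
    # after normalisation, and posixpath.join discards root entirely when the
    # decoded path is absolute.
    return posixpath.normpath(posixpath.join(root, unquote(requested)))


def resolve_safe(root, requested):
    # 1. Decode until the string stops changing, so %2e%2e%2f, %252e%252e%252f
    #    and deeper encodings all collapse to the same "../". Bail out if it
    #    is still changing after a few rounds.
    decoded = requested
    for _ in range(5):
        nxt = unquote(decoded)
        if nxt == decoded:
            break
        decoded = nxt
    else:
        return None
    # 2. Reject bytes no legitimate web path needs (NUL truncation, backslash
    #    separators that posixpath would not normalise).
    if "\x00" in decoded or "\\" in decoded:
        return None
    # 3. Treat the request as relative to root, normalise, and require the
    #    result to still sit at or under root. This is the check that matters:
    #    whatever encoding trick got past step 1, the resolved path is what is
    #    opened, and it is compared after normalisation.
    candidate = posixpath.normpath(posixpath.join(root, decoded.lstrip("/")))
    if candidate != root and not candidate.startswith(root + "/"):
        return None
    return candidate


if __name__ == "__main__":
    probes = [
        "..%2f..%2f..%2fetc%2fpasswd",                      # single-encoded
        "%252e%252e%252f%252e%252e%252f%252e%252e%252fetc%252fpasswd",  # double-encoded
        "%2fetc%2fpasswd",                                  # absolute path
        "images%2flogo.png",                                # legitimate
    ]
    for p in probes:
        print(f"{p:70} vulnerable={resolve_vulnerable(WEB_ROOT, p):30} safe={resolve_safe(WEB_ROOT, p)}")
```

The repeated decoding in step 1 is deliberate but has a cost: a legitimate filename containing a literal "%25" would be altered. In production, decode exactly as many times as the server or framework in front of you does, and rely on the containment check in step 3 rather than on pattern-matching "../".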
CVE-2024-29686 EXPLOITDB HIGH text
Winter CMS 1.2.3 - Authenticated Server-Side Template Injection via CMS Pages Field
Server-side Template Injection (SSTI) vulnerability in Winter CMS v.1.2.3 allows a remote attacker to execute arbitrary code via a crafted payload to the CMS Pages field and Plugin components. NOTE: the vendor disputes this because the payload could only be entered by a trusted user, such as the owner of the server that hosts Winter CMS, or a developer working for them.
by tmrswrr
CVSS 7.2
CVE-2023-7028 EXPLOITDB CRITICAL text
GitLab Password Reset Account Takeover
An issue has been discovered in GitLab CE/EE affecting all versions from 16.1 prior to 16.1.6, 16.2 prior to 16.2.9, 16.3 prior to 16.3.7, 16.4 prior to 16.4.5, 16.5 prior to 16.5.6, 16.6 prior to 16.6.4, and 16.7 prior to 16.7.2 in which user account password reset emails could be delivered to an unverified email address.
by 0xB455
CVSS 10.0
EIP-2026-107675 EXPLOITDB text
Human Resource Management System 1.0 - 'employeeid' SQL Injection
by Srikar
EIP-2026-105912 EXPLOITDB text
Client Details System 1.0 - SQL Injection
by Hamdi Sevben
EIP-2026-104440 EXPLOITDB text
SnipeIT 6.2.1 - Stored Cross Site Scripting
by Shahzaib Ali Khan
EIP-2026-117566 EXPLOITDB text
Microsoft Windows Defender / Trojan.Win32/Powessere.G - Detection Mitigation Bypass
by hyp3rlinx
CVE-2022-4681 EXPLOITDB CRITICAL text
Hide My WP < 6.2.9 - Unauthenticated SQL Injection via AJAX Action
The Hide My WP WordPress plugin before 6.2.9 does not properly sanitize and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection.
by Xenofon Vassilakopoulos
CVSS 9.8
CVE-2024-25832 EXPLOITDB HIGH text
F-logic DataCube3 v1.0 - Authenticated Unrestricted File Upload via Filename Extension Manipulation
F-logic DataCube3 v1.0 is vulnerable to unrestricted file upload, which could allow an authenticated malicious actor to upload a file of dangerous type by manipulating the filename extension.
by Samy Younsi - NS Labs
CVSS 8.8
CVE-2024-22836 EXPLOITDB CRITICAL text
Akaunting <3.1.3 - Command Injection
An OS command injection vulnerability exists in Akaunting v3.1.3 and earlier. An attacker can manipulate the company locale when installing an app to execute system commands on the hosting server.
by u32i
CVSS 9.8
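The Nokia BMC and Akaunting entries above are both OS command injection through a value that ends up on a shell command line (a search pattern and a locale string respectively). The added example below is not code from either product; it is a constructed handler that shows why shell metacharacters in the input execute a second command when the string is handed to a shell, how passing the value as a single argv element removes that interpretation, and an allow-list for a value like a locale that never legitimately contains metacharacters. The echo and Python one-liner stand in for the real search binary so the block runs wherever Python does; the locale format is an assumption.

```python
import re
import subprocess
import sys

# Hypothetical log-search and locale handlers modelled on the two entries
# above; constructed for this example, not code from either product.

# Assumed locale shape: language tag plus optional region/variant subtags.
LOCALE_RE = re.compile(r"^[a-z]{2,3}(?:[_-][A-Za-z0-9]{2,8})*$")


def search_vulnerable(pattern):
    # The user-controlled pattern is pasted into a shell command line. "&&",
    # ";", "|", backticks and "$(...)" are all interpreted by the shell, so a
    # second command rides along with the search and runs as whatever user the
    # service runs as (root, in the Nokia entry).
    cmd = "echo " + pattern   # stand-in for: grep -n <pattern> /var/log/app.log
    out = subprocess.run(cmd, shell=True, capture_output=True, text=True)
    return out.stdout


def search_fixed(pattern):
    # No shell: the pattern is one argv element and reaches the child program
    # as a single string, metacharacters included. The Python one-liner stands
    # in for the real search binary and simply prints argv[1] back.
    argv = [sys.executable, "-c", "import sys; print(sys.argv[1])", pattern]
    out = subprocess.run(argv, capture_output=True, text=True)
    return out.stdout


def validate_locale(value):
    # Allow-list for a value that only ever needs letters, digits, '-' and '_'.
    # Anything else (shell metacharacters included) is rejected before use,
    # regardless of how the value is later passed to a command or template.
    return bool(LOCALE_RE.fullmatch(value))


if __name__ == "__main__":
    payload = "error && echo INJECTED"
    print("shell=True  ->", repr(search_vulnerable(payload)))
    print("argv list   ->", repr(search_fixed(payload)))
    for loc in ("en-GB", "pt_BR", "en;id", "en-GB$(id)"):
        print(f"locale {loc!r}: {'ok' if validate_locale(loc) else 'rejected'}")
```

The argv form is the fix; the allow-list is defence in depth. Escaping with shlex.quote() is a weaker third option because it only protects the one shell the string is quoted for, and a value that is later reused in a different context (a template, a config file, another shell) is exposed again.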
CVE-2024-27612 EXPLOITDB MEDIUM text
Numbas editor <7.3 - Info Disclosure
Numbas editor before 7.3 mishandles editing of themes and extensions.
by Matheus Alexandre
CVSS 6.2
EIP-2026-102069 EXPLOITDB text
TP-Link TL-WR740N - Buffer Overflow (DoS)
by Anish Feroz
CVE-2024-27620 EXPLOITDB HIGH text
Ladder 0.0.1-0.0.21 - Server-Side Request Forgery
An issue in Ladder v.0.0.1 thru v.0.0.21 allows a remote attacker to obtain sensitive information via a crafted request to the API.
by @_chebuya
CVSS 7.5
EIP-2026-109211 EXPLOITDB text
Lot Reservation Management System - Unauthenticated File Upload and Remote Code Execution
by Elijah Mandila Syoyi
EIP-2026-109210 EXPLOITDB text
Lot Reservation Management System - Unauthenticated File Disclosure
by Elijah Mandila Syoyi
EIP-2026-106830 EXPLOITDB text
elFinder Web File Manager 2.1.53 - Remote Command Execution
by tmrswrr
CVE-2023-50071 EXPLOITDB HIGH text
Sourcecodester Customer Support System 1.0 - SQL Injection via Department ID or Name Parameter
Sourcecodester Customer Support System 1.0 has multiple SQL injection vulnerabilities in /customer_support/ajax.php?action=save_department via the id and name parameters.
by Geraldo Alcantara
CVSS 8.8